Outlook can be configured with a user/mail certificate, published the GAL to enable end users to be able to send encrypted messages. Quite a few people use these, sometimes on it’s own, sometimes in conjunction with signed messages.

You can use Microsoft Certificate Services, to issue certificates, or you as an end-user can use a certificate from a third party – the choice is up to you; and your IT policy.

Once you have a certificate you can send mail and use that certificate. To encrypt the message you publish the certificate to the GAL. You can even set it so that Outlook will encrypted all mail as you send it.

When you send an encrypted message, this is what you see in Outlook :

Notice you can not preview the item in the reading pane in Outlook. When you double click on the item, this is what you see :

Notice the blue padlock icon at the right hand side of the message.

Archiving of these types of messages is no problem with Enterprise Vault 9.0.2. However Enterprise Vault can not index the content of the messages, because they can not be decrypted by the vault service account. Metadata about the item will be indexed. Essentially the visible part – see below.

After archiving the item will look like this in Outlook :

Notice the blue padlock isn’t visible in the preview which is generated. The message body is also not visible, only the rest of the shortcut content (eg the banner, links to attachments and so on).

Double clicking on the item will retrieve it, and it will disable just like the second screenshot above.